With the number of cyberattacks growing with each passing day, the need for increasingly sophisticated security systems has never been higher. Just when these ceaseless attacks had you at your wit’s end, machine learning may just restore some sanity to the cybersecurity scene.

Recently, there has been a string of attacks affecting some ransomware victims who pay their ransom in an attempt to regain access to their encrypted data. These ransom payments are being intercepted by a third party, ironcally turning the ransomware attackers into the second victim. As a result, the original ransomware victims are victimized a second time, as they won’t get their data back since the ransomware attackers never receive the ransom money.

Organizations Can Protect Against 4,000 Cyberattacks for Less Than a Dollar per Device per Month.

In terms of collaboration, Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII) represent a revolution in the security industry. These protocols transformed the field of threat intelligence from a fragmented collection of information to a unified standard for information sharing. In this blog, I will examine this transition and how it came about.

In part one I provided a high level overview of PowerShell and the potential risk it poses to networks. Of course we can only mitigate some PowerShell attacks if we have a trace, so going forward I am assuming that you followed part 1 of this series and enabled: Module Logging, Script Block Logging, Security Process Tracking (4688/4689)

Log360 Adds Prebuilt Report, Enhanced Data Breach Detection Capabilities to Streamline Enterprise Compliance with GDPR.